A vulnerability exists in the way Microsoft Windows operating systems process IP (Internet Protocol) packets, caused by improper validation of IP network packets. This flaw may allow a malicious user to send a specially crafted packet, causing a denial of service and in some cases, remote code execution.

Severity:

Details:

The Internet Protocol (IP) is the most widely used communication protocol on the Internet. By sending a crafted IP packet to a vulnerable system, an attacker may create a denial of service condition and, in some cases, achieve remote execution of arbitrary code. The malformed packet must include IP option values that pass the initial IP validation checks of the Windows operating system's IP stack. The vulnerability can be triggered only after the packet has passed these initial validation tests.

Attack Detection:

Users of VPN-1 NG with Application Intelligence R54 and later versions who have applied the solution outlined below will be able to detect attempts to exploit this vulnerability. SmartView Tracker will generate the following log entry:

Information: packet with ip options

Solution:

Users of VPN-1 NG with Application Intelligence R54 and later versions are preemptively protected against this vulnerability, as VPN-1 drops IP packets with IP options by default.
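
The check behind this default can be reproduced for packet captures or a custom filter. The following is an added example, not Check Point's code: it walks the options area of an IPv4 header, rejects out-of-bounds option lengths, and reports any header longer than 20 bytes as carrying options. The function names, verdict strings and sample headers are constructed for illustration.

```python
import struct

EOOL, NOP = 0, 1  # single-byte options defined by RFC 791

def parse_ip_options(packet: bytes) -> list:
    """Return [(type, data), ...] from an IPv4 header; ValueError if malformed."""
    if len(packet) < 20:
        raise ValueError("shorter than minimum IPv4 header")
    version, ihl = packet[0] >> 4, packet[0] & 0x0F
    header_len = ihl * 4
    if version != 4 or ihl < 5 or header_len > len(packet):
        raise ValueError("invalid version or header length")
    opts, area, i = [], packet[20:header_len], 0
    while i < len(area):
        kind = area[i]
        if kind == EOOL:          # end of option list, the rest is padding
            break
        if kind == NOP:           # one-byte filler, no length field
            opts.append((kind, b""))
            i += 1
            continue
        if i + 1 >= len(area):
            raise ValueError("option missing length byte")
        length = area[i + 1]      # counts the type and length bytes too
        if length < 2 or i + length > len(area):
            raise ValueError("option length out of bounds")
        opts.append((kind, area[i + 2:i + length]))
        i += length
    return opts

def filter_verdict(packet: bytes) -> str:
    """Hypothetical policy: drop malformed headers and any header with options."""
    try:
        parse_ip_options(packet)
    except ValueError:
        return "drop: malformed header"
    if (packet[0] & 0x0F) > 5:    # IHL above 5 words means an options area exists
        return "drop: packet with ip options"
    return "accept"

def build_header(options: bytes = b"") -> bytes:
    """Constructed sample IPv4 header (documentation addresses, zero checksum)."""
    options += b"\x00" * (-len(options) % 4)   # pad options to a 32-bit boundary
    ihl = 5 + len(options) // 4
    return struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, 20 + len(options), 0, 0,
                       64, 6, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])) + options

if __name__ == "__main__":
    print(filter_verdict(build_header()))                               # plain header
    print(filter_verdict(build_header(b"\x07\x07\x04" + b"\x00" * 4)))  # Record Route
```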